I am a big fan of PortableApps, most of which are Open Source such as Firefox, Gimp & OpenOffice. PortableApps allows you to run these applications from your USB thumb drive without leaving a trace (registry) on the client machine.

PortableApps is Windows focused, however I have found that almost all of the applications run quite happily under Wine. So I now have a truly portable virtual environment of my favourite applications where ever I go.

Labels: Linux, Open Source

I was happily working on my Kubuntu box when the hard disk light went solid. I shut down all the running apps and the disk light stayed on, so I dutifully rebooted only to be greeted with a Hard Disk Not Found message from the BIOS.

I have a great backup scheme where I backup to the RAID array on my server which gets backed up weekly to tape. My automated backups stopped working 4 months ago after a system rebuild (yes I know). So I really need to get my data back.

I purchased an external USB enclosure for the dead disk, having had success with these before where a system BIOS couldn't see a drive but the limited electronics in an external USB could. Under Linux the USB came up as a device, so I duplicated it using ddrescue onto a brand new disk and then used gpart (not gparted) to rebuild the partition table. The whole process took about 6 hours and I got every single file back. I love Linux.

Having learnt my lesson I did some research into various backup options and chose to use rsync to backup all my laptops and desktops to my servers RAID array and then rsync that data to an external 500GB drive. I use native rsync on my Linux boxes and DeltaCopy on my Windows machines. Not a perfect solution but a fast and automated system - a backup of 200GB of data runs in under a minute by only copying the file differences via rsync.

Labels: Linux

I recently discovered SQLite, a lightweight cross platform SQL database. SQLite can create in memory or on disk databases and is quite feature rich. It stores all data in a single disk file which can be easily copied or moved to another machine and/or platform.

SQLite readily imports and exports data from text formats. I was able to create two tables, import and populate them with delimited text files, cross query them and export the results in under 10 lines on the SQLite CLI interface.

There are interfaces for a variety of programming languages including an ODBC connector and a bunch of 3rd party GUI's like one of my favourites - Kexi.

Unfortuneately some web sites require the use of IE exclusively to work. I try to avoid such poorly written sites however sometimes it's a neccessary evil.

Now that I run Linux exclusively this was a real pain until I found IEs4Linux, which is project that automates the installation of Internet Explorer under Wine.

Labels: Linux, Wine

I have been a subscriber to the Security Focus Pen-Test mailing list for a long time. Over the years the same questions keep coming up and I wish the moderators would stop letting them through. I have compiled my Top 3 Most Annoying questions on the Pen-Test list.

1. What's the best way to learn?/How do I set up a lab?
   This is essentially the same question with the same answer... Virualization. Use free VMWare server and download free tools and practice against your own machines, not other peoples without permission.
   
   
2. What's the best OS/Linux/Bootable CD for Pen-Testing?
   Backtrack - bootable or install it. Any Linux. Windows with Co-Linux or Cygwin.
   
   
3. How to I report a vendor vulnerability?
   OK this is just bragging or attention seeking. There is lots of doco on the net about how to do this.

And finally, I wish newbies (and not so newbies) would use Google before posting questions.

Labels: Security